Oracle IT Security Compliance Analyst 4 in Canberra, Australia
IT Security Compliance Analyst 4
IT Security Compliance Analyst
IT Security Compliance Analyst
The Oracle Public Cloud Risk & Compliance organisation ensures the security and compliance of Oracle Cloud from initial design to compliance by way of security policy, processes, and procedure standards definition, assessment/audit and certification, operation and continuous monitoring of cloud based SaaS Services.
Successful candidates for this role must be very comfortable taking a leadership role with regulatory compliance in a fast-paced organisation. Candidates will be expected to lead new compliance efforts, as well as maintain existing regulatory compliance obligations. A background in owning, leading, and managing the day-to-day compliance operations, continuous monitoring, and/or assessment & authorisation for Australian government systems is required.
A strong working knowledge of relevant Information Security Manual controls, PSPF, Cloud Computing Security Considerations and ICT security standards is required. IRAP, SOC1, SOC2, PCI, ISO 27000 series and similar skill and experience is a plus for the right candidate.
Primary responsibilities of this role will include:
Lead contact with regard to compliance operations within the Oracle Australia Cloud offerings;
Creates and maintains Information Security documentation such as System Security Plans and Security Risk Management Plans, Statement of Applicability and others such as Security Operating Procedures.
Evaluates regulatory compliance requirements and engages with a variety of cross functional teams;
Key team member of engineering design and development of government cloud based systems;
Evaluates and provides reasonable assurance that risk management, control, and governance systems are functioning as intended and will enable the organisation’s objectives and goals to be met;
Reports risk management issues and internal controls deficiencies identified directly to the Cloud Regulatory Compliance Program and provide recommendations for improving the organisation’s operations, in terms of both efficient and effective performance;
Evaluates information security and associated risk exposures;
Evaluates regulatory compliance program with consultation from legal counsel;
Evaluates the organisation’s readiness in case of business interruption;
Maintains open communication with management and teams across Oracle Cloud Operations;
Engages with other internal and external strategic resources as appropriate; and
Evaluates applicable global standards & compliance frameworks to establish internal standards, guidelines, policies, processes, and procedures;
Designs, develops and publishes internal program frameworks, checklists, policy, processes, procedures using creative publishing and editing software tools;
Systematically and comprehensively documents the Government compliance program;
Other duties as assigned;
ISO 27001, CISSP, CISA, CRISC, CISM, Security , PMP and other security certifications preferred
Prefer 5 years relevant experience and university degree.
Must be able to complete one or more background investigations and/or appropriate security clearance(s) as required by government contracts and due to applicable laws, regulations, and executive orders.
Job duties are varied and complex; independent judgement needed. May have project lead role.
Detailed Description and Job Requirements
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company’s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.
Job: Information Technology
Other Locations: AU-AU,Australia-North Ryde
Job Type: Regular Employee Hire